Robert,
On Mon, Dec 1, 2008 at 2:18 PM, Robert Larsen <[EMAIL PROTECTED]> wrote:
> Andres Riancho wrote:
>> Robert,
>>
>> 2008/12/1 Viktor Gazdag <[EMAIL PROTECTED]>:
>>
>>> 2008/11/30 Robert Larsen <[EMAIL PROTECTED]>
>>>
>>>> Hi all
>>>>
>>>> I've been playing with w3af for a month now and I am very impressed.
>>>> Great work guys.
>>>> In fact, next wednesday I am doing a 15 minutes w3af demo to the first
>>>> OWASP meeting in Denmark, but I have a bit of a problem.
>>>>
>>>> I created a web application that suffers from a remote file inclusion
>>>> vulnerability and w3af finds it in seconds so I go to the "Exploit" tab
>>>> and clicks the "Remote file inclusion vulnerability" in the
>>>> "Vulnerabilities" list. "remoteFileIncludeShell" and "rfiProxy" is now
>>>> bold, indicating that I can use them, so I drag them onto the
>>>> vulnerability.
>>>>
>>>> "remoteFileIncludeShell" says:
>>>> Checking suitability...
>>>> Sorry, this attack plugin can not exploit this vulnerability
>>>>
>>>>
>>>> ...and "rfiProxy" says:
>>>> Checking suitability...
>>>> ok
>>>> Exploiting...
>>>> No remote file inclusion vulnerabilities have been found.
>>>>
>>>> Why is this ? I have way enough material to do a good demo but I would
>>>> like to show everything.
>>>>
>>> Did you configure it?
>>>
>>
>> Right button over the plugin in the GUI, "exploit config
>> remoteFileInclusionShell" in the console.
>>
>>
> I tried this, but the "remoteFileIncludeShell" still says that it ain't
> able to exploit the vuln. I only change the "Bind address" option. Does
> it depend on Python or something else being installed on the server ?
No, it just depends on python being installed on your computer, and
you already have that because you are running w3af =)
> The rfiProxy crashes when I try to configure:
> traceback (most recent call last):
> File "/home/robert/code/w3af/core/ui/gtkUi/exploittab.py", line 306,
> in _configureExploit
> confpanel.ConfigDialog(title, self.w3af, plugin, showDesc=True)
> File "/home/robert/code/w3af/core/ui/gtkUi/confpanel.py", line 280, in
> __init__
> longLabel.set_text( plugin.getLongDesc() )
> File
> "/home/robert/code/w3af/core/controllers/basePlugin/basePlugin.py", line
> 102, in getLongDesc
> raise w3afException('Plugin is not implementing required method
> getLongDesc' )
> w3afException: Plugin is not implementing required method getLongDesc
I fixed this bug, but there are many other bugs in the rfiProxy
plugin. I changed a lot of things in the core, and in the audit
plugins, that turned out to impact in strange ways in attack plugins.
Please don't use this plugin for the moment.
> I get the same problems with both the 0.7 version and the latest from
> Subversion. But with the latest version the plugins take way longer to
> finish (maybe they are more thorough) and changing profiles gives me
> another error: "The optionList object doesn't contain an option with the
> name: rfiUrl"
> Also this seems to cause no plugins to be selected for the profile.
>
> Any ideas ?
Always use the latest version from the SVN when something doesn't work.
I can't understand why the remoteFileIncludeShell ain't working for
you. Could you please follow these steps?
- cd w3af
- svn up (Latest is 2132)
- vi scripts/script-remote_file_include_shell.w3af ; and change
the http://localhost/w3af/audit/remoteFileInclusion/vulnerable.php?file=f0as9
address with your own vulnerable script
- save the file
- ./w3af_console -s scripts/script-remote_file_include_shell.w3af
If you don't get command execution, send me the log files.
Cheers,
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
> Build the coolest Linux based applications with Moblin SDK & win great prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> W3af-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/w3af-users
>
--
Andres Riancho
http://w3af.sourceforge.net/
Web Application Attack and Audit Framework
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
W3af-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-users
